package com.adtech.adms.commons.util;

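/**
 * Keyword blocklist check for request parameters.
 *
 * <p>{@link #validate(String)} lower-cases the input and rejects it when it contains any
 * entry of {@link #BLOCKED_KEYWORDS}. The list mixes SQL tokens with script/markup tokens.
 *
 * <p>Security caveat: a substring blocklist is a coarse, best-effort filter. It rejects
 * legitimate text that happens to contain a listed token and does not recognise encoded or
 * re-spelled input. Treat a {@code true} result as "no listed token found", never as
 * "safe to concatenate into SQL or HTML". Queries built from this input should still use
 * {@code PreparedStatement} bind parameters, and output should still be encoded for its
 * context.
 */
public class SqlValidate {

	/**
	 * Lower-case substrings that cause an input to be rejected.
	 *
	 * NOTE(review): "creat " only matches when a space follows the "t", so it does not
	 * match the word "create"; it looks like a typo for "create " - confirm with the owner
	 * before changing, since that would make the filter stricter.
	 */
	private static final String[] BLOCKED_KEYWORDS = {"%0adele","foobar"," '' ","+0+","' +","alert(","'='","/**/","||","expression","iframe","script","javascript"," 0x","declare ","creat ","exec ","select ","insert ","delete ","count(","drop table","update ","truncate ","asc(","mid(","char(","xp_cmdshell","master ","netlocalgroup","administrators","net user"," or "," and "};

	/** Exact values accepted even though they contain a blocked substring ("description" contains "script"). */
	private static final String[] SAFE_WORDS = {"description"};

	/**
	 * Checks an input string against the keyword blocklist.
	 *
	 * @param inputStr the value to check; {@code null} is treated as having no content
	 * @return {@code false} when the lower-cased input contains a blocked keyword,
	 *         {@code true} otherwise (including the exemptions described below)
	 */
	public static boolean validate(String inputStr)
	{
		// A missing parameter has nothing to scan; the original threw NullPointerException here.
		if (inputStr == null)
		{
			return true;
		}

		// Locale.ROOT keeps the mapping locale-independent. With the platform default locale,
		// a Turkish/Azeri default maps 'I' to dotless 'ı', so upper-case keywords such as
		// "INSERT " would no longer match the list.
		String lowered = inputStr.toLowerCase(java.util.Locale.ROOT);

		// NOTE(review): any value containing ":\" after its first character is accepted
		// without the keyword scan. This is presumably meant to let Windows paths through
		// (e.g. a path containing " and "), but it exempts the whole value, not only the
		// path part. Kept for compatibility with existing callers; values accepted on this
		// branch have NOT been scanned and need separate path validation.
		if (lowered.indexOf(":\\") > 0)
		{
			return true;
		}

		for (String safe : SAFE_WORDS)
		{
			if (lowered.equals(safe))
			{
				return true;
			}
		}

		for (String keyword : BLOCKED_KEYWORDS)
		{
			if (lowered.contains(keyword))
			{
				return false;
			}
		}
		return true;
	}

	/**
	 * Micro-benchmark: times one million calls to {@link #validate(String)} on a short
	 * non-ASCII sample and prints the elapsed milliseconds.
	 */
	public static void main(String[] args) {
		String inputStr = "备注aaa";
		long start = System.currentTimeMillis();
		for (int i = 0; i < 1000000; i++) {
			SqlValidate.validate(inputStr);
		}
		long end = System.currentTimeMillis();
		System.out.println("validate time:"+(end-start));
	}

}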
